senior-prompt-engineer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly includes web-search and RAG patterns that ingest retrieved documents (e.g., the "search_web" tool in references/agentic_system_design.md, ReAct/Tool Use examples calling search(), the RAG pattern in references/prompt_engineering_patterns.md, and the rag_evaluator.py which consumes retrieved contexts.json), so the agent is expected to read untrusted public/web-sourced content that could carry indirect prompt injection.